mkpasswd(1) might be a front-end to crypt(3), but it's not the same as running chpasswd(1), which is part of the "shadow-utils" package on CentOS and "passwd" on Debian. Instead, you should compare apples-to-apples. Consider the following script:
#!/bin/bash
# This repeatedly changes a `saltuser' password
# and grabs the salt out of /etc/shadow.
# Requires root and the existence of `saltuser' user.
if [ $EUID -ne 0 ]; then
echo "This script requires root access to read /etc/shadow."
exit 1
fi
grep -q saltuser /etc/passwd
if [ $? -ne 0 ]; then
echo "This script requires the 'saltuser' to be present."
exit 2
fi
: > /tmp/salts.txt
for i in {1..1000}; do
PW=$(tr -cd '[[:print:]]' < /dev/urandom | head -c 64)
echo "saltuser:${PW}" | chpasswd -c SHA256 -s 0 2> /dev/urandom
awk -F '$' '/^saltuser/ {print $3}' /etc/shadow >> /tmp/salts.txt
done
while read LINE; do
# 6th character in the salt
echo ${LINE:5:1}
done < /tmp/salts.txt | sort | uniq -c | sort -n
Output from Debian Sid:
3 1
3 8
4 .
4 0
4 2
4 e
4 h
4 n
5 3
5 a
5 C
5 i
5 I
5 J
5 o
5 Q
5 V
6 5
6 K
6 S
6 U
6 y
6 z
7 D
7 k
7 M
7 P
7 q
7 R
7 u
8 9
8 b
8 B
8 c
8 j
8 O
8 r
8 X
8 Y
9 A
9 E
9 G
9 H
9 N
9 w
9 Z
10 6
10 7
10 f
10 g
10 l
10 s
11 4
11 F
11 L
11 p
12 d
12 m
12 x
13 t
13 v
13 W
14 T
512 /
Output from CentOS 7:
3 7
4 K
4 N
4 l
4 n
5 2
5 3
5 V
5 j
5 m
5 r
6 .
6 5
6 J
6 Q
6 a
6 d
6 p
7 1
7 4
7 6
7 A
7 M
7 R
7 T
7 U
7 k
7 o
7 y
7 z
8 0
8 D
8 H
8 S
8 b
8 c
8 t
8 v
9 8
9 9
9 C
9 F
9 W
9 f
9 g
9 x
10 E
10 I
10 X
10 h
10 i
10 q
10 u
10 w
11 G
11 L
11 O
11 Y
11 e
12 Z
12 s
13 B
13 P
504 /
So, the problem isn't unique to CentOS, but likely coming from upstream where both projects are pulling from.
